The United Nations (UN) is regarded as an
all-talk-no-action organization primarily because of its
utter failure in protecting the developing world from destruction at the hands of and dictators and superpowers. However, it seems that the organization is as helpless in its internal matters as it is towards world issues.
According to the UN’s internal confidential report, the organization was the target of a “sophisticated” cyberattack in 2019. Reportedly, the organization is still trying to find out the extent of data loss and the identities of the hackers. The UN report was apparently leaked to The New Humanitarian and The Associated Press (AP) was able to access it from there.
As per the details of the attack shared by AP, a group of hackers exploited Microsoft SharePoint’s vulnerability and used an unidentified malware to access the UN’s servers in its Vienna and Geneva offices and the UN High Commissioners for Human Rights office.
The human rights office is where sensitive data related to human rights abuse is collected and stored....
The AP reported that during the espionage operation, dozens of servers were compromised. Furthermore, it is most likely that the hacker behind
the spying campaign was state-sponsored. What’s most disturbing is the fact that the organization chose not to disclose details of the attack until the AP and The New Humanitarian obtained internal documents and reported about it.
As per a UN spokesperson, the nature and scope of the attack haven’t been determined yet and it was the UN’s decision to not disclose the security breach publicly.
In a comment to
HackRead, Craig Hinkley, CEO, WhiteHat Security, said “In a tense geo-political climate, nation-state attacks are on the rise, and this comes as no surprise. These attacks have the potential to cause serious havoc to systems around the world, often targeting critical infrastructure like power grids and industrial control systems, as well as government agencies.”
“With the focus of today’s headlines on the United Nations, it appears the international entity has been targeted with malware that was potentially leveled through an application vulnerability in MS SharePoint. For years, these app vulnerability attacks have successfully disrupted operations and leaked sensitive information,” Craig pointed out.
“While security teams investigate which country may have launched this attack, our job as security professionals is to recognize that the threats are bigger than just one country. This is a global problem....
A former US government hacker Jake Williams assessed the attack and concluded that it seems like an espionage operation in which hackers were able to
evade detection by deleting the logs that could have stored information about their intrusion.
It is reported that the hackers downloaded approx. 400GB of data, which includes sensitive employee-related information. However, the exact contents of the hacked database are yet unknown to the organization.
